aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack
diff options
context:
space:
mode:
authorMilo Winningham <milo@winningham.net>2019-06-21 23:29:05 -0700
committerMilo Winningham <milo@winningham.net>2019-06-22 12:43:11 -0700
commit36b25aa1c4863cc70c74fd783fb54ba44a3a128e (patch)
treeac9e2fd41654570ad177433f2b7d34c98966804a /actionpack
parenta2a515d9de4ef0ddf4d78b05fcb0b838d2e1b5e3 (diff)
downloadrails-36b25aa1c4863cc70c74fd783fb54ba44a3a128e.tar.gz
rails-36b25aa1c4863cc70c74fd783fb54ba44a3a128e.tar.bz2
rails-36b25aa1c4863cc70c74fd783fb54ba44a3a128e.zip
Add test for cookie being modified by rotation
Diffstat (limited to 'actionpack')
-rw-r--r--actionpack/test/dispatch/cookies_test.rb13
1 files changed, 13 insertions, 0 deletions
diff --git a/actionpack/test/dispatch/cookies_test.rb b/actionpack/test/dispatch/cookies_test.rb
index d129fa717d..e4d4792de6 100644
--- a/actionpack/test/dispatch/cookies_test.rb
+++ b/actionpack/test/dispatch/cookies_test.rb
@@ -893,6 +893,19 @@ class CookiesTest < ActionController::TestCase
assert_equal 45, encryptor.decrypt_and_verify(@response.cookies["foo"])
end
+ def test_cookie_with_hash_value_not_modified_by_rotation
+ @request.env["action_dispatch.signed_cookie_digest"] = "SHA256"
+ @request.env["action_dispatch.cookies_rotations"].rotate :signed, digest: "SHA1"
+
+ key_generator = @request.env["action_dispatch.key_generator"]
+ old_secret = key_generator.generate_key(@request.env["action_dispatch.signed_cookie_salt"])
+ old_value = ActiveSupport::MessageVerifier.new(old_secret).generate(bar: "baz")
+
+ @request.headers["Cookie"] = "foo=#{old_value}"
+ get :get_signed_cookie
+ assert_equal({ bar: "baz" }, @controller.send(:cookies).signed[:foo])
+ end
+
def test_cookie_with_all_domain_option
get :set_cookie_with_domain
assert_response :success